Nos derniers articles

Europe is facing an unprecedented surge in cyber threats. Malware targeting banking apps alone has grown 200% year-on-year, with affected applications tripling from 600 to 1,800. These numbers reflect a simple truth: cybersecurity is no longer just a tech challenge—it’s a talent challenge.

Despite growing investments, Europe’s cybersecurity skills gap continues to widen, leaving our digital ecosystem exposed. Today, this shortage of skilled professionals is arguably our single greatest vulnerability.

To close this gap, ENISA introduced the European Cybersecurity Skills Framework (ECSF)—a much-needed step toward a common skills language across Member States. Its ambition is right. Its mission is essential. But its practical impact remains limited.

A recent structural analysis highlights six critical gaps holding the ECSF back:

🔹 No seniority levels, making career pathways unclear

🔹 Weak links between tasks, skills, and knowledge, complicating curriculum design

🔹 No graded proficiency levels, limiting meaningful assessment

🔹 Inconsistent role definitions, misaligned with real-world job functions

🔹 Flat, unstructured knowledge lists, difficult to reuse or map

🔹 Lack of scalable coding, hindering interoperability with frameworks like NICE, SFIA, and CyBOK

The good news? These issues are solvable.

A smarter, next-generation ECSF could be built by:

1️⃣ Introducing hierarchical categories for tasks, skills, and knowledge

2️⃣ Defining explicit links between them

3️⃣ Integrating competence tiers

4️⃣ Adding junior–mid–senior levels

5️⃣ Creating a modular structure for emerging domains

6️⃣ Mapping skills directly to training and certifications

This is more than framework design—it’s a strategic investment in Europe’s digital sovereignty. A coherent ECSF empowers educators, enables precise hiring, enhances mobility across Member States, and builds the coordinated workforce we urgently need.

This annual report analyzes how cybersecurity policy translates into practical actions, investments, and operational changes within organizations across the EU, particularly those in high-criticality sectors under the NIS2 Directive. The findings, based on a survey of over 1,000 professionals, highlight that while regulatory compliance is the main driver of investment, challenges persist, such as the cyber talent crunch and difficulties with fundamental tasks like patching and security assessments. Key insights from the report show a shift in spending toward technology and outsourcing, and an ongoing concern over ransomware and supply-chain attacks. This ENISA study ultimately aims to inform policymakers by revealing the practical obstacles and shifting priorities faced by entities working to enhance their cyber resilience.

This paper explores the relationship between Artificial Intelligence (AI) and cybersecurity, emphasizing AI's critical role in modern digital defense. The abstract and introduction establish the urgent need for advanced security solutions due to the increasing reliance on digital platforms and the rise of cyber threats. The research specifically examines how AI technologies like machine learning and deep learning enhance threat detection and incident response for organizations. Conversely, the document addresses significant risks associated with AI in security, including algorithmic bias, adversarial attacks, and the threat of deepfake technologies. Finally, the conclusion argues that AI's benefits outweigh its drawbacks when implemented with robust mitigation strategies, such as quantum security and human oversight, ensuring ethical and effective use.

The paper summarizes a study of U.S. listed firms (2010‑2022) that examines how major cyber incidents—defined as events affecting ≥10,000 individuals or disclosed in an 8‑K—drive lasting upgrades in personnel, technology, and architecture. Findings indicate a 27% rise in cybersecurity hiring that persists for at least two years, alongside increased adoption of specialized software (+30%), cloud services (+11%), and memory‑safe languages (+50‑60%). Breached firms often surpass peers, and spillover effects occur through industry and IT‑system similarity networks, but not via geographic proximity. Cyber‑insurance coverage correlates with muted responses, suggesting potential moral hazard.

This peer review assesses the Dutch authorities' frameworks for monitoring cyber risks, implementing supervisory practices, and coordinating incident response mechanisms. Key findings highlight the Netherlands' significant progress, including the development of the Threat Intelligence-Based Ethical Red-teaming (TIBER) and Advanced Red Teaming (ART) frameworks, while also identifying areas for improvement, such as streamlining information sharing mechanisms and analyzing third-party risks. Overall, the report underscores the persistent challenges posed by the evolving threat landscape and the strategic steps taken by the Netherlands to maintain financial stability against operational and cyber threats.

Le G7 Cyber Expert Group analyse l’impact croissant de l’intelligence artificielle sur la cybersécurité du secteur financier. L’IA, notamment l’IA générative et les systèmes agentiques, offre des capacités avancées pour renforcer la détection des menaces, automatiser l’analyse d’anomalies, améliorer la réponse aux incidents et surveiller plus efficacement les fournisseurs et chaînes d’approvisionnement. Ces atouts peuvent accroître la résilience opérationnelle des institutions financières.

Parallèlement, l’IA génère de nouveaux risques. Les acteurs malveillants peuvent utiliser ces technologies pour créer des attaques plus sophistiquées, automatiser le développement de maliciels, produire des campagnes d’hameçonnage hautement personnalisées ou contourner des systèmes de défense. Les modèles d’IA eux-mêmes deviennent vulnérables à la manipulation des données, aux fuites d’informations ou aux attaques d’ingénierie sociale visant les systèmes automatisés.

Le rapport souligne que ces évolutions exigent une adaptation de la gouvernance, de la supervision, de la gestion des tiers et des compétences internes. Les institutions doivent intégrer la cybersécurité dans le développement et l’usage de l’IA, assurer une supervision humaine adéquate, protéger les données, renforcer la détection et la réponse aux incidents et investir dans les compétences spécialisées. Les autorités sont encouragées à actualiser leurs cadres de risque, à coopérer avec l’industrie et la recherche, et à promouvoir une IA sûre, fiable et transparente pour préserver la stabilité du système financier.

This paper explores the role of a cybersecurity engineer within existing cybersecurity workforce frameworks. It specifically compares how the NIST NICE Framework, the European Cybersecurity Skills Framework (ECSF), and the UK Cyber Security Council (UKCSC) pathways align with and diverge from the cybersecurity engineer job title. The research employs a machine learning methodology to analyze job advertisements from LinkedIn against these frameworks to identify commonalities in required Tasks, Knowledge, and Skills (TKS). The central finding suggests that while the engineer title is highly in demand, its functions are distributed across multiple work roles in these frameworks, with US-based frameworks focusing more on technical abilities and breach prevention, while UK/EU frameworks emphasize operational roles and risk assessment. Ultimately, the paper seeks to make recommendations for creating a distinct and standardized cybersecurity engineer career field to address workforce planning gaps.

This case study examines how a leading Australian financial organization operationalizes 𝗰𝘆𝗯𝗲𝗿-𝘁𝗵𝗿𝗲𝗮𝘁 𝗶𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲 (𝗖𝗧𝗜), using military intelligence doctrine (the intelligence cycle) as a theoretical lens. The research, framed as a stakeholder-activity process model, reveals 𝗮 𝗳𝘂𝗻𝗱𝗮𝗺𝗲𝗻𝘁𝗮𝗹 𝗶𝗻𝘃𝗲𝗿𝘀𝗶𝗼𝗻 𝗼𝗳 𝗲𝘀𝘁𝗮𝗯𝗹𝗶𝘀𝗵𝗲𝗱 𝗶𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲 𝗻𝗼𝗿𝗺𝘀.
Instead of strategic requirements driving CTI downward from leadership, 𝗶𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲 𝗳𝗹𝗼𝘄𝘀 𝘂𝗽𝘄𝗮𝗿𝗱 𝗮𝗻𝗱 𝗼𝘂𝘁𝘄𝗮𝗿𝗱 from technology operations. This challenges the assumption of intelligence-led security in civilian contexts. The study finds 𝗼𝗿𝗴𝗮𝗻𝗶𝘇𝗮𝘁𝗶𝗼𝗻𝘀 𝗽𝗮𝗿𝗮𝗱𝗼𝘅𝗶𝗰𝗮𝗹𝗹𝘆 𝗹𝗶𝗺𝗶𝘁 𝗖𝗧𝗜'𝘀 𝘀𝘁𝗿𝗮𝘁𝗲𝗴𝗶𝗰 𝘃𝗮𝗹𝘂𝗲 𝗱𝘂𝗲 𝘁𝗼 𝗶𝘁𝘀 𝗹𝗼𝘄 𝗼𝗿𝗴𝗮𝗻𝗶𝘇𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗽𝗼𝘀𝗶𝘁𝗶𝗼𝗻𝗶𝗻𝗴, a 𝗸𝗻𝗼𝘄𝗹𝗲𝗱𝗴𝗲 𝗴𝗮𝗽 𝗯𝗲𝘁𝘄𝗲𝗲𝗻 𝗯𝘂𝘀𝗶𝗻𝗲𝘀𝘀 𝗮𝗻𝗱 𝗜𝗧, and a lack of strategically relevant analytical products. The findings provide an empirical explanation of CTI practice and a diagnostic model for bottom-up operationalization.

Addressing Adversarial Machine Learning (𝗔𝗠𝗟) in financial systems is like designing a bank vault: not only must the vault be robust enough to withstand sophisticated attacks (𝗔𝗠𝗟 𝗱𝗲𝗳𝗲𝗻𝘀𝗲𝘀), but regulators also require that the complex mechanisms inside are transparent and explainable to auditors (𝗲𝘅𝗽𝗹𝗮𝗶𝗻𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗿𝗲𝗾𝘂𝗶𝗿𝗲𝗺𝗲𝗻𝘁𝘀). Meanwhile, the bank must ensure that the security measures don't slow down transactions (𝗽𝗲𝗿𝗳𝗼𝗿𝗺𝗮𝗻𝗰𝗲 𝗱𝗲𝗴𝗿𝗮𝗱𝗮𝘁𝗶𝗼𝗻/𝗮𝗰𝗰𝘂𝗿𝗮𝗰𝘆 𝘁𝗿𝗮𝗱𝗲-𝗼𝗳𝗳) and that its staff has the specialized knowledge to operate and repair the mechanism (𝘀𝗸𝗶𝗹𝗹𝘀 𝗴𝗮𝗽).

Après un cycle de durcissement, le marché de l'assurance d'entreprise amorce pour 2025-2026 un rééquilibrage progressif, mû par une augmentation des capacités des assureurs et une concurrence accrue. Cette dynamique se matérialise par des baisses de primes significatives, notamment sur le risque cyber où les réductions atteignent -20% à -40% pour les profils les mieux maîtrisés. Cette tendance n'est cependant pas uniforme ; des secteurs comme le public, l'hospitalier et la logistique demeurent soumis à des conditions plus strictes. Parallèlement, les contextes géopolitique et climatique imposent de nouvelles contraintes : le premier entraîne une standardisation des clauses d'exclusion (guerre, sanctions), tandis que les deux conjugués exacerbent la vigilance des assureurs. Cette embellie, qualifiée par les experts d'opportunité potentiellement temporaire, constitue une fenêtre stratégique que les entreprises, PME et ETI en tête, doivent exploiter pour optimiser leurs programmes, tout en restant vigilantes face aux signaux de durcissement internationaux.